MS Windows hardening
Nowadays, when most of information are processed electronically, servers and personal computers security is the key technical measure in an information security area. Our MS Windows system configuration security audit service finds out security weak points and helps you to apply technical recommendations to remove them.
We can help you at the beginning to reduce potential attacks from internal network and to find out an optimal balance between security and operation needs. From our side, security audit is documented in such form, which enable customers to evolve this area internally.
Supported systems
Platforms, which are supported by our audit services:
Microsoft Windows 2000, 2003, 2008, XP, Vista, Windows 7.
We support 32-bit and 64-bit platforms (AMD64 and IA64).
Domain controllers security audit includes Active Directory review.
Similarly we evaluate workstations (PCs, notebooks), where we review end-user security.
Security audit needs short configuration data collection (less than 1 hour) on an audited server – remote access is sufficient. Data collection is made with server administrator’s assistance via administrator’s account. Collected configuration data are processed outside of a customer’s seat.
Audit scope
MS Windows system configuration security audit usually includes following areas:
| ID | Area |
|---|---|
| 1. | HW Platform and OS Basic Info |
| 2. | OS hotfixes and patches, automatic update settings |
| 3. | Automatic update configuration |
| 4. | Installed Software |
| 5. | Excessive or Problematic system services |
| 6. | Access Rights – Services and Drivers |
| 7. | Other Automatically Launched Programs |
| 8. | Password Parameters and Account Policy |
| 9. | Security Parameters |
| 10. | System Logs |
| 11. | Security Privileges Configuration |
| 12. | Problematic / Risky User Accounts |
| 13. | Local Group Membership |
| 14. | Access Rights – files, registry, shared resources |
| 15. | Network Configuration |
| 16. | Open Ports (TCP/UDP) |
| 17. | Network Services Configuration (WWW, mail, Terminal Services, etc.) |
In the case of special customer’s requirements we are prepared to change scope and depth of the audit accordingly.